Who can activate a network policy for users in a Snowflake account? (Choose two.)
Who can activate a network policy for users in a Snowflake account? (Choose two.)
In a Snowflake account, the ACCOUNTADMIN role is one of the highest-level admin roles that can activate a network policy. Additionally, any role that has been granted the global ATTACH POLICY privilege can also perform this action. Roles such as USERADMIN or PUBLIC do not have the necessary permissions by default to activate network policies. Thus, the correct selections are ACCOUNTADMIN and any role with the global ATTACH POLICY privilege.
AE Only security administrators (i.e. users with the SECURITYADMIN role) or higher or a role with the global ATTACH POLICY privilege can activate a network policy for an account. Once the policy is associated with your account, Snowflake restricts access to your account based on the allowed list and blocked list.
AE correct
AE is correct
Answer - AE Only security administrators (i.e. users with the SECURITYADMIN role) or higher or a role with the global ATTACH POLICY privilege can activate a network policy for an account. Once the policy is associated with your account, Snowflake restricts access to your account based on the allowed list and blocked list.
Only security administrators (i.e. users with the SECURITYADMIN role) or higher or a role with the global ATTACH POLICY privilege can activate a network policy for an account. Once the policy is associated with your account, Snowflake restricts access to your account based on the allowed list and blocked list.
note that USERADMIN (B) is lower than SECURITYADMIN